NFS Flashcards Preview

RHCE > NFS > Flashcards

Flashcards in NFS Deck (5):
1

Provide Network Shares to Specific Clients - Server Installation and Configuration

yum install nfs-utils

mkdir /test1 /test2

getsebool -a | grep nfs_export

setsebool -P nfs_export_all_ro=1
setsebool -P nfs_export_all_rw=1

firewall-cmd --permanent --add-service=nfs
firewall-cmd --reload

systemctl enable rpcbind
systemctl enable nfs-server

systemctl start rpcbind
systemctl start nfs-server

vim /etc/exports
/test1 172.31.116.191(rw,no_root_squash)

exportfs -avr

2

Provide Network Shares to Specific Clients - Client Installation and Configuration

On client machine

yum install nfs-utils

systemctl enable rpcbind
systemctl start rpcbind
mkdir /test1 /test2

mount 172.31.113.110:/test1 /test1
mount 172.31.113.110:/test2 /test2

vim /etc/fstab
172.31.113.110:/test1 /test1 nfs _netdev,rw 0 0

3

Provide Network Shares Suitable for Group Collaboration

ON THE NFS SERVER

groupadd -g 7654 nfsdatagrp
adduser user3
adduser user4
usermod -G nfsdatagrp user3
usermod -G nfsdatagrp user4

mkdir /nfssdata
chown nfsnobody:nfsdatagrp /nfssdata/

chmod g+s /nfssdata/

vim /etc/exports
/nfssdata 172.31.116.191(rw,no_root_squash)

exportfs -avr


ON THE CLIENT SERVER
groupadd -g 7654 nfsdatagrp
useradd user3
useradd user4
passwd user3
passwd user4
usermod -G nfsdatagrp user3
usermod -G nfsdatagrp user4
mkdir /nfssdata
vim /etc/fstab
172.31.113.110:/nfssdata /nfssdata nfs defaults 0 0

4

Lecture: Use Kerberos to Control Access to NFS Network Shares - Quick NFS Setup

yum group install file-server
firewall-cmd --permanent --add-service nfs
firewall-cmd --reload

systemctl enable rpcbind nfs-server

mkdir /krbdata
chmod 777 /krbdata

ll -Z /

semanage fcontext -a -t public_content_rw_t "/krbdata(/.*)?"
restorecon -Rv /krbdata

semanage boolean -l | grep nfs

setsebool -P nfs_export_all_rw on

vim /etc/exports
/krbdata *(rw,no_root_squash)

exportfs -avr

systemctl start rpcbind
systemctl start nfs-server

exportfs -avr

showmount -e localhost

5

Lecture: Use Kerberos to Control Access to NFS Network Shares - Kerberos NFS Server and Client

ON NFS SERVER

# kadmin

kadmin: addprinc -randkey host/we3kb3.mylabserver.com
kadmin: ktadd host/we3kb3.mylabserver.com
ktadmin: quit

vim /etc/ssh_config

(UNCOMMENT)

GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes

systemctl reload sshd

authconfig --enablekrb5 --update

# kdmin

Kadmin: addprinc -randkey nfs/we3kb3.mylabserver.com
kadmin: ktadd nfs/we3kb3.mylabserver.com
kadmin: quit

authconfig --enablekrb5 --update

vim /etc/exports
/krbdata *(rw,no_root_squash,sec=krb5)

exportfs -avr

reboot

ON THE CLIENT

# kadmin
kadmin: addprinc --randkey nfs/we3kb3.mylabserver.com@MYLANSERVER.COM
ktadd nfs/we3kb3.mylabserver.com
quit

systemctl enable nfs-client.target
systemctl start nfs-client.target

mkdir /krbtest

mount -t nfs4 we3kb3.mylabserver.com:/krbdata /krbtest